role

2024-02-22 17:07:36 +01:00 · 2024-02-22 17:07:36 +01:00 · 7c658e28f9
commit 7c658e28f9
parent c2f8c93ef3
1 changed files with 3 additions and 3 deletions
--- a/admin/login.php
+++ b/admin/login.php
@ -24,14 +24,14 @@ $boolLogin=true;
    if (isset($_POST['login']) && isset($_POST['password'])) {
        $strUser         = trim($_POST['login']);
        $strPassword     = trim($_POST['password']);
-        $strSQL = "SELECT username,passwordhash,district FROM user WHERE username='$strUser'";
+        $strSQL = "SELECT username,passwordhash,district,role FROM user WHERE username='$strUser'";
        $result = $db->query($strSQL);
        if ($row=$result->fetch(PDO::FETCH_ASSOC))  {
-            $boolOk = $strDistrict==$row['district'] || $row['username']=="admin";
+            $boolOk = $strDistrict==$row['district'] || $row['role']=="admin";
            if (password_verify($strPassword,$row['passwordhash']) && $boolOk) {
                $_SESSION['user']=$strUser;
                $_SESSION['csrf_token'] = uniqid('', true);
-                $_SESSION['superadmin'] = $row['username']=="admin";
+                $_SESSION['superadmin'] = $row['role']=="admin";
                header ("Location: index.php");
            } else {
                $boolLogin=false;